I want to block all outgoing http and https traffic with mikrotik firewall and redirect it to Handycache machine

Handycache is 192.168.100.27 port 8080 and I have checked the ssl handling When I specify the handycache as proxy, it works as expected (more or less) including httpsWhen I use mikrotik to redirect tcp port 80 to handycache (http) everything works as expected

BUT

when I use the same rule to redirect tcp port 443 (https) to handycache it seems that handycache does not accept it (I see no connections at the monitor) although mikrotik reports that it has redirected the packet.

Any help?Should I make something special at handycache to accept redirected https packets?

I think that there is nothing that you can do, because this is a HC issue.

Now, HC expects that client (browser) know, that it will work with proxy server and at first it will send CONNECT request to the proxy, to establish secure tunnel.

To accept redirected request from clients that don't know anything about proxy, HC should listen incoming requests on some another port (443 fo example) and accept all requests directly. And, of course, listening this port make sense only if SSL handling is enabled.

Implementation of this feature is pretty simple, so you should ask mai62 to add it.

It is critical not only for me but also many others who have a firewall and want to blockprograms that bypass the proxy and talk directly to internet.

Some of them do not have an option to specify a proxy and some other do it on purpose.

(Looking at the connections at my firewall I see many unrecognized connections from programsthat try to connect directly to internet.For example a new LG smartTV that tries to connect to central office of the manufacturer.....)

Thank YouPosted on: 08 March 2017, 09:37:53

Do you know If using a programm like proxifier would work?Or proxifier works only for connections from the same pc(not for incoming connections)?

Is it possible to run proxifier together with handycache at the same machine and have the mikrotik(firewall) redirect traffic (https)from all the network to this machine ?The redirected https traffic to come from mikrotik to proxifier and then redirected again to handycache?